locking down the net.

[something_totally_different]

Ive been asked to lock down a group of computers computers web access to just 1 site that they all use, that site being royal mail. The problem is... its such an odd request that i am not sure how to do it

wondered if it was even possible and if so, how?


cheers.

 

[FrenchTart]

Knowing a bit more about the network would help. What kind of setup do you have on the PCs and on the routers/switches?

 

[something_totally_different]

Knowing a bit more about the network would help. What kind of setup do you have on the PCs and on the routers/switches?

I haven't been to the site before so i am unsure, it will either be running off the buildings supply, in which case god knows whats pumping the net data as i wont have direct access, or its a local wireless hub.

 

[Bakedgoods]

Websense?

 

[Jumping]

If they have AD running there you could make a rule that blocks all net traffic beside the one site you want quickly and dirty.

 

[SinaiSound]

Content management in IE?

 

[mynsa]

on your internet router / firewall you could drop all traffic for those machines and set up a specific rules which states that traffic coming from them machines is only allowed to royal mails ip addresses.

Depends on what youve got set up on your network and what access levels you have?



a quick and dirty way to do it:

you could also drop the default gateway and add a static route to royal mails ips:

royalmailip via default gateway

change royalmailip for royal mails ip and default gateway for the gateway router

ensure you remove the default gateway first - otherwise you just duplicating a route that can be summarised by the default gateway and the inet will still work